How can users be allowed change their own passwords only, not everyone's?

(Johnny Park) #1

Hello. I read here and here and understand that users can change their passwords on Kibana. I had to add role with "manage_security" privilege to do so. However, this privilege allows the user to add super_user and pretty much do anything.

Is there a finer privilege that allows the user to change their own passwords only? Or some other way to allow to user to change their own passwords only?

Thank you.

(Lee Drengenberg) #2

Hi Johnny,

You should NOT have to give users "manage_security" privilege for them to be able to change their own password.

If the user tries to go to Management > Users they will get a permission error message like this;

But if they just click on their username near the bottom-left they should be able to change their own password;


(Johnny Park) #3

Awesome, thanks Lee. Your explanation about Management > Users error clarified it. I didn't know you can change the password by clicking on the username on bottom left. So I was trying with "management_security".

(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.